The Nagoya Port—Japan’s largest maritime port—was recently crippled by a ransomware attack that used LockBit, a ransomware software. As a result, the port’s operations, accounting for roughly 10% of Japan’s international trade, came to a halt for over 48 hours, as reported by CNN Business.
The attack occurred on Tuesday, 5th of July, and impacted the Nagoya Port Unified Terminal System (NUTS)—a platform used to manage operations across the port’s five cargo terminals. The successful execution of the attack allowed cybercriminals to gain unauthorised access to the system, control it, and delete a substantial amount of data, leading to a longer period of downtime than anticipated.
Efforts were underway to restore operations, with one terminal reinitiating activities on Thursday at 3.00 PM local time. The operation of the four additional terminals was expected to resume by 6:30 PM on the same day, according to the article.
The LockBit 3.0 ransomware group, known for its extensive criminal activities, has been identified as the likely perpetrator of the attack. The ransomware gang eventually claimed responsibility and demanded the port pay up, allegedly sending an English-language ransom note to a printer remotely. However, the specific ransom amount demanded remains undisclosed at this time.
CNN highlights the far-reaching implications of the attack on the major Japanese organizations, such as Toyota, relying on Nagoya Port. In addition, industry experts have underscored the vulnerability of global supply chains to cyberattacks and the potential financial losses associated with such operational disruptions.
This attack is one of many, with incidents of cyber-attacks soaring. The first half of 2022 witnessed a whopping 236.7 million ransomware attacks globally.
The DBIR study found that ransomware incidents have led to financial losses ranging from $1 million to $2.25 million in the last two years. The average cost per incident was around $26,000.
Ransomware—malware that uses encryption to hold a target’s confidential information at ransom—is mainly executed leveraging social engineering tactics like phishing. According to a study, 45% of ransomware attacks start with phishing emails. This was confirmed by a report by Verizon, which reviewed real-world data from 2,013 data breaches and 41,686 cybersecurity incidents. It found that 94% of malware got delivered via email, with phishing being the most common attack vector. These emails use social engineering techniques, taking advantage of human vulnerabilities to trick employees into handing over their login credentials or downloading malware. That results in a successful ransomware incident.
As a result, organisations looking to reduce the likelihood of successful ransomware incidents must equip employees with the knowledge of identifying and responding to fraudulent emails. Cybersecurity awareness training programs offered by high-end services like CultureAI can help staffers augment their security behaviour while strengthening their cybersecurity posture.
However, it’s important to note that employee training is just one component of a comprehensive cybersecurity strategy. Additional security measures, such as robust email filtering, endpoint protection, and regular software updates, are also critical in thwarting ransomware attacks.
Sohela is an electrical engineer and a self-professed writer with a keen interest in all things tech. When she’s not writing killer content pieces, you’ll find her enjoying tempting foods in her favourite restaurants.